Cisco Nexus 5000 Series Command Reference Release 4.0(1a)N2(1) (OL-16599-01, March 2009)

Chapter 6 Security Commands
rule
To configure rules for a user role, use the rule command. To delete a rule, use the no form of this
command.
rule number {deny | permit} {command command-string | {read | read-write} [feature feature-name | feature-group group-name]}
no rule number
Syntax Description

    number                      Sequence number for the rule. The switch applies the rule
                                with the highest value first and then the rest in
                                descending order.
    deny                        Denies access to commands or features.
    permit                      Permits access to commands or features.
    command command-string      Specifies a command string.
    read                        Specifies read access.
    read-write                  Specifies read and write access.
    feature feature-name        (Optional) Specifies a feature name. Use the show role
                                feature command to list the switch feature names.
    feature-group group-name    (Optional) Specifies a feature group.

Command Default
    None

Command Modes
    User role configuration.

Command History

    Release         Modification
    4.0(0)N1(1a)    This command was introduced.

Usage Guidelines
    You can configure up to 256 rules for each role.
    The rule number that you specify determines the order in which the rules are applied.
    Rules are applied in descending order. For example, if a role has three rules, rule 3
    is applied before rule 2, which is applied before rule 1.

Examples
    This example shows how to add rules to a user role:

    switch(config)# role name MyRole
    switch(config-role)# rule 1 deny command clear users
    switch(config-role)# rule 2 permit read-write feature-group L3
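
The rule syntax and the descending evaluation order described in the usage guidelines can be checked offline before a role is pushed to a switch. The following is an added example, not Cisco code: the function names, the feature name ExampleFeature and the sample lines are constructed, and the check assumes that re-entering an existing rule number replaces the earlier rule.

```python
import re

# Grammar taken from the syntax line on this page:
#   rule number {deny|permit} {command str | {read|read-write} [feature n | feature-group n]}
RULE_RE = re.compile(
    r"^rule\s+(?P<num>\d+)\s+(?P<action>deny|permit)\s+"
    r"(?:command\s+(?P<command>\S.*?)"
    r"|(?P<access>read-write|read)"
    r"(?:\s+(?P<scope>feature-group|feature)\s+(?P<name>\S+))?)\s*$"
)
MAX_RULES = 256  # "up to 256 rules for each role"

def parse_rule(line):
    """Return a dict for one 'rule' line, or None if it does not fit the grammar."""
    m = RULE_RE.match(line.strip())
    if not m:
        return None
    rule = {k: v for k, v in m.groupdict().items() if v is not None}
    rule["num"] = int(rule["num"])
    return rule

def audit_role(lines):
    """Parse a role's rule lines; return (rules in evaluation order, findings)."""
    findings, by_num = [], {}
    for line in lines:
        rule = parse_rule(line)
        if rule is None:
            findings.append(f"syntax: {line.strip()!r}")
            continue
        if rule["num"] in by_num:
            # Assumption: re-entering a number replaces the earlier rule.
            findings.append(f"duplicate: rule {rule['num']} entered more than once")
        by_num[rule["num"]] = rule
    if len(by_num) > MAX_RULES:
        findings.append(f"limit: {len(by_num)} rules exceeds {MAX_RULES}")
    # Highest number first, as stated in the usage guidelines.
    ordered = [by_num[n] for n in sorted(by_num, reverse=True)]
    return ordered, findings

# Constructed sample input (not captured from a device).
SAMPLE = [
    "rule 1 deny command clear users", "rule 3 permit read",
    "rule 2 permit read-write feature-group L3",
    "rule 2 deny read-write feature ExampleFeature", "rule 4 allow read",
]

if __name__ == "__main__":
    ordered, findings = audit_role(SAMPLE)
    print([r["num"] for r in ordered], findings)
```

A reused rule number is worth flagging in review because the access the role ends up granting can differ from what a reader of the change expects.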